/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package servlets;

import java.util.*;
import java.io.IOException;
import java.util.Arrays;
import dbhandler.DBConnector;
import java.security.NoSuchAlgorithmException;
import java.sql.CallableStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.lang.String;

/**
 *
 * @author Tokino
 */
public class PUpdate {

    private String opassword;
    private String npassword1;
    private String npassword2;
    private Hashtable errors;
    private String status;
    private boolean IsTrue;

    public boolean isIsTrue() {
        return IsTrue;
    }

    public void setIsTrue(boolean IsTrue) {
        this.IsTrue = IsTrue;
    }

        public void setErrors(String key, String msg) {
        errors.put(key, msg);
    }
    public String getStatus() {
        return status;
    }

    public void setStatus(String status) {
        this.status = status;
    }

    public String getNpassword1() {
        return npassword1;
    }

    public void setNpassword1(String npassword1) {
        this.npassword1 = npassword1;
    }

    public String getNpassword2() {
        return npassword2;
    }

    public void setNpassword2(String npassword2) {
        this.npassword2 = npassword2;
    }

    public String getOpassword() {
        return opassword;
    }

    public void setOpassword(String opassword) {
        this.opassword = opassword;
    }

    public PUpdate() {

        opassword = "";
        npassword1 = "";
        npassword2 = "";
        status = "";
        IsTrue=false;
        errors = new Hashtable();
        
    }
    
        public String getErrorMsg(String s) {
        String errorMsg = (String) errors.get(s.trim());
        return (errorMsg == null) ? "" : errorMsg;
    }

    public boolean Cpassword(String userName) throws ClassNotFoundException, SQLException, IOException, NoSuchAlgorithmException {
        boolean bool = true;

        //System.out.println(opassword + "old password");
        String digest = null;
        String salt = null;


        DBConnector dbConnectorchk = null;
        dbConnectorchk = new DBConnector("localhost", 3306, "selector", "53l3ct0r", "bookaholic");

        dbConnectorchk.connectToDB();
        CallableStatement callable = null;
        ResultSet result = null;
        String authCall = "{ call login2(?) }";
        callable = dbConnectorchk.getConnection().prepareCall(authCall);
        callable.setString(1, userName);
        result = callable.executeQuery();
        if (result.next()) {
            digest = result.getString("hashpassword");
            salt =
                    result.getString("salt");

        }
        byte[] bDigest =
                dbConnectorchk.base64ToByte(digest);
        byte[] bSalt =
                dbConnectorchk.base64ToByte(salt);
        byte[] proposedDigest =
                dbConnectorchk.getHash(opassword, bSalt);

        String sDigest = dbConnectorchk.byteToBase64(dbConnectorchk.getHash(npassword1, bSalt));
        if (!Arrays.equals(proposedDigest, bDigest)) {
        IsTrue=false;
        errors.put("opassword", "old password did not match");
        opassword = "";
         bool = false;
        }
            
            if (npassword1.equals("") || npassword1.length() < 7 || !(npassword1.matches("(?=^.{8,}$)(?=.*[A-Z])(?=.*[a-z])(?=.*[\\W_\\d]).*$"))) {
                errors.put("npassword1", "Please enter a valid password (minimum length of 8 characters long containing upper, lower, and 1 numerical/special characters)");
                npassword1 = "";
                 npassword2 = "";
                errors.put("status", "Failure");
                bool = false;
            }
            if (!npassword1.equals("") && (npassword2.equals("")
                    || !npassword1.equals(npassword2))) {
                errors.put("npassword2", "Please confirm your password");
              
                npassword2 = "";
                errors.put("status", "Failure");
                bool = false;
            }
            if (bool == true) {
                dbConnectorchk.changePassword(userName,npassword1, sDigest);
                //System.out.println("Yesssssssssss");
                //System.out.println(userName);
                errors.put("status", "Success! Password Changed");
                
                
            }
        
          
        
        return bool;
    }
}
